GMER 1.0.15.15641 - http://www.gmer.net Rootkit scan 2012-02-13 11:04:52 Windows 6.1.7601 Service Pack 1 Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0 WDC_WD16 rev.01.0 Running: udv4e7xp.exe; Driver: C:\Users\raff\AppData\Local\Temp\kwlcraod.sys ---- System - GMER 1.0.15 ---- SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwAdjustPrivilegesToken [0x8C151992] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwAlpcConnectPort [0x8C1533FA] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwAlpcCreatePort [0x8C153674] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwAlpcSendWaitReceivePort [0x8C1538E6] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwClose [0x8C1522AA] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwConnectPort [0x8C152A52] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateEvent [0x8C152E4E] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateFile [0x8C1524C8] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateMutant [0x8C152D34] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateNamedPipeFile [0x8C151582] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreatePort [0x8C152C08] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateSection [0x8C15172A] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateSemaphore [0x8C152F6E] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateSymbolicLinkObject [0x8C168FB0] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateThread [0x8C151F32] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateThreadEx [0x8C152030] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateWaitablePort [0x8C152C9E] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwDebugActiveProcess [0x8C154596] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwDuplicateObject [0x8C155716] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwFsControlFile [0x8C152694] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwLoadDriver [0x8C154688] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwMapViewOfSection [0x8C168FD0] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwOpenEvent [0x8C152EE4] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwOpenFile [0x8C152336] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwOpenMutant [0x8C152DC4] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwOpenProcess [0x8C151BDC] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwOpenSection [0x8C154AFC] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwOpenSemaphore [0x8C153004] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwOpenThread [0x8C151AD0] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwPlugPlayControl [0x8C168FC0] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwQueryDirectoryObject [0x8C153B30] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwQuerySection [0x8C15509C] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwQueueApcThread [0x8C15498E] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwReplyPort [0x8C153368] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwReplyWaitReceivePort [0x8C15322E] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwRequestWaitReplyPort [0x8C154330] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwResumeThread [0x8C1555B8] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwSecureConnectPort [0x8C15279C] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwSetContextThread [0x8C15214C] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwSetInformationToken [0x8C153BD2] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwSetSecurityObject [0x8C154790] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwSetSystemInformation [0x8C1551EC] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwSuspendProcess [0x8C1552DE] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwSuspendThread [0x8C155418] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwSystemDebugControl [0x8C1544BA] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwTerminateProcess [0x8C151D7C] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwTerminateThread [0x8C151CD2] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwUnmapViewOfSection [0x8C154F40] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwWriteVirtualMemory [0x8C151E68] ---- Kernel code sections - GMER 1.0.15 ---- .text ntkrnlpa.exe!ZwSaveKey + 13D1 82047369 1 Byte [06] .text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 82080D52 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3} .text ntkrnlpa.exe!KeRemoveQueueEx + 10D7 82087D8C 4 Bytes [92, 19, 15, 8C] .text ntkrnlpa.exe!KeRemoveQueueEx + 10FF 82087DB4 8 Bytes [FA, 33, 15, 8C, 74, 36, 15, ...] .text ntkrnlpa.exe!KeRemoveQueueEx + 1143 82087DF8 4 Bytes [E6, 38, 15, 8C] .text ntkrnlpa.exe!KeRemoveQueueEx + 116F 82087E24 4 Bytes [AA, 22, 15, 8C] .text ntkrnlpa.exe!KeRemoveQueueEx + 1193 82087E48 4 Bytes [52, 2A, 15, 8C] .text ... ---- User code sections - GMER 1.0.15 ---- ? C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] C:\windows\SYSTEM32\ntdll.dll time/date stamp mismatch; ? C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] C:\windows\system32\kernel32.dll time/date stamp mismatch; unknown module: KERNELBASE.dll .text C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] USER32.dll!NotifyWinEvent + 6AE 75BCD66C 4 Bytes [70, 11, 46, 6C] {JO 0x13; INC ESI; INSB } .text C:\Program Files\Mozilla Firefox\plugin-container.exe[3684] USER32.dll!SetWindowLongA 75BB8BA3 5 Bytes JMP 658066DC C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation) .text C:\Program Files\Mozilla Firefox\plugin-container.exe[3684] USER32.dll!SetWindowLongW 75BC4449 5 Bytes JMP 6580666E C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation) .text C:\Program Files\Mozilla Firefox\plugin-container.exe[3684] USER32.dll!GetWindowInfo 75BC4B5E 5 Bytes JMP 6559A4E7 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation) .text C:\Program Files\Mozilla Firefox\plugin-container.exe[3684] USER32.dll!TrackPopupMenu 75BD2228 5 Bytes JMP 6559AABD C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation) .text C:\Program Files\Mozilla Firefox\firefox.exe[4484] ntdll.dll!LdrLoadDll 772A223E 5 Bytes JMP 65421B30 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation) .text C:\Program Files\Mozilla Firefox\firefox.exe[4484] USER32.dll!GetWindowInfo 75BC4B5E 5 Bytes JMP 655A1F10 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation) ? C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[5928] C:\windows\SYSTEM32\ntdll.dll time/date stamp mismatch; ? C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[5928] C:\windows\system32\kernel32.dll time/date stamp mismatch; unknown module: KERNELBASE.dll .text C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[5928] USER32.dll!NotifyWinEvent + 6AE 75BCD66C 4 Bytes [70, 11, 46, 6C] {JO 0x13; INC ESI; INSB } ---- User IAT/EAT - GMER 1.0.15 ---- IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\windows\system32\kernel32.dll [ntdll.dll!RtlReAllocateHeap] 00750240 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\windows\system32\kernel32.dll [ntdll.dll!RtlSizeHeap] 007502B0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\windows\system32\kernel32.dll [ntdll.dll!RtlAllocateHeap] 00750320 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\windows\system32\kernel32.dll [ntdll.dll!RtlFreeHeap] 00750390 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\windows\system32\USER32.dll [ntdll.dll!RtlSizeHeap] 00750A90 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\windows\system32\USER32.dll [ntdll.dll!RtlReAllocateHeap] 00750B00 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\windows\system32\USER32.dll [ntdll.dll!RtlAllocateHeap] 00750B70 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\windows\system32\USER32.dll [ntdll.dll!RtlFreeHeap] 00750BE0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\windows\system32\USER32.dll [KERNEL32.dll!GetModuleHandleW] 77390D30 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] 77390DA0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\windows\system32\USER32.dll [KERNEL32.dll!CreateThread] 00750C50 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\windows\system32\USER32.dll [KERNEL32.dll!CreateProcessW] 77390E10 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\windows\system32\USER32.dll [KERNEL32.dll!GetModuleFileNameA] 77390E80 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\windows\system32\USER32.dll [KERNEL32.dll!GetModuleHandleA] 77390EF0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExA] 77390F60 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\windows\system32\USER32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 016F0010 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\windows\system32\USER32.dll [KERNEL32.dll!FreeLibrary] 016F0080 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress] 016F00F0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] 016F0160 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\windows\system32\USER32.dll [KERNEL32.dll!GetModuleFileNameW] 016F01D0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\windows\system32\GDI32.dll [ntdll.dll!RtlAllocateHeap] 00750CC0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\windows\system32\GDI32.dll [ntdll.dll!RtlFreeHeap] 00750D30 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\windows\system32\GDI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 016F0240 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] 016F02B0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] 016F0320 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] 016F0390 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\windows\system32\GDI32.dll [KERNEL32.dll!FreeLibrary] 016F0400 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] 016F0470 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\windows\system32\GDI32.dll [KERNEL32.dll!GetModuleHandleA] 016F04E0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\windows\system32\ADVAPI32.dll [ntdll.dll!RtlFreeHeap] 00750F60 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\windows\system32\ADVAPI32.dll [ntdll.dll!RtlAllocateHeap] 773805C0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\windows\system32\ADVAPI32.dll [ntdll.dll!RtlReAllocateHeap] 77380630 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\windows\system32\ADVAPI32.dll [KERNEL32.dll!VirtualFree] 77380710 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\windows\system32\ADVAPI32.dll [KERNEL32.dll!GetModuleFileNameW] 016F07F0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] 016F0860 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\windows\system32\ADVAPI32.dll [KERNEL32.dll!SetErrorMode] 016F08D0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] 016F0940 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] 016F09B0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\windows\system32\ADVAPI32.dll [KERNEL32.dll!FreeLibrary] 016F0A20 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] 016F0A90 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\windows\system32\ADVAPI32.dll [KERNEL32.dll!HeapFree] 773808D0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExA] 016F0B00 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\windows\system32\ADVAPI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 016F0B70 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\windows\system32\ADVAPI32.dll [KERNEL32.dll!GetModuleHandleW] 016F0BE0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\windows\system32\RPCRT4.dll [ntdll.dll!RtlFreeHeap] 77380A90 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\windows\system32\RPCRT4.dll [ntdll.dll!RtlAllocateHeap] 77380B00 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\windows\system32\SHELL32.dll [ntdll.dll!RtlFreeHeap] 007600F0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] 01700470 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] 017004E0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] 01700550 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateThread] 00760160 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\windows\system32\SHLWAPI.dll [KERNEL32.dll!HeapFree] 00760240 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\windows\system32\SHLWAPI.dll [KERNEL32.dll!GetModuleFileNameA] 017005C0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\windows\system32\SHLWAPI.dll [KERNEL32.dll!GetModuleFileNameW] 01700630 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\windows\system32\SHLWAPI.dll [KERNEL32.dll!GetModuleHandleW] 017006A0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\windows\system32\SHLWAPI.dll [KERNEL32.dll!GetModuleHandleA] 01700710 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] 01700780 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] 017007F0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] 01700860 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\windows\system32\SHLWAPI.dll [KERNEL32.dll!FreeLibrary] 017008D0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] 01700940 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\windows\system32\SHLWAPI.dll [KERNEL32.dll!SetErrorMode] 017009B0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\windows\system32\SHLWAPI.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 01700A20 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\windows\system32\CRYPT32.dll [ntdll.dll!RtlFreeHeap] 00760E10 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\windows\system32\CRYPT32.dll [ntdll.dll!RtlAllocateHeap] 00760E80 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\windows\system32\CRYPT32.dll [KERNEL32.dll!HeapFree] 00770010 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\windows\system32\CRYPT32.dll [KERNEL32.dll!GetModuleHandleW] 01710E10 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\windows\system32\CRYPT32.dll [KERNEL32.dll!VirtualAlloc] 00770080 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\windows\system32\CRYPT32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 01710E80 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\windows\system32\CRYPT32.dll [KERNEL32.dll!GetModuleFileNameW] 01710EF0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\windows\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] 01710F60 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\windows\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExA] 01A30010 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\windows\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryA] 01A30080 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\windows\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] 01A300F0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\windows\system32\CRYPT32.dll [KERNEL32.dll!FreeLibrary] 01A30160 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\windows\system32\ole32.dll [ntdll.dll!RtlFreeHeap] 00780A20 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\windows\system32\ole32.dll [ntdll.dll!RtlAllocateHeap] 00780A90 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\windows\system32\ole32.dll [ntdll.dll!RtlReAllocateHeap] 00780B00 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] 01A50860 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] 01A508D0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\windows\system32\iphlpapi.dll [ntdll.dll!RtlFreeHeap] 77380080 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\windows\system32\iphlpapi.dll [ntdll.dll!RtlAllocateHeap] 77380010 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\windows\system32\NETAPI32.dll [ntdll.dll!RtlAllocateHeap] 77380010 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\windows\system32\NETAPI32.dll [ntdll.dll!RtlFreeHeap] 77380080 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\windows\system32\WS2_32.dll [ntdll.dll!RtlFreeHeap] 77380080 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\windows\system32\WS2_32.dll [ntdll.dll!RtlAllocateHeap] 77380010 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\windows\system32\Secur32.dll [KERNEL32.dll!LoadLibraryExA] 77390400 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\windows\system32\Secur32.dll [KERNEL32.dll!FreeLibrary] 773900F0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\windows\system32\Secur32.dll [KERNEL32.dll!GetModuleHandleW] 773902B0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\windows\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] 77390320 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\windows\system32\Secur32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 773905C0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\windows\system32\WININET.dll [KERNEL32.dll!HeapFree] 773802B0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\windows\system32\WININET.dll [KERNEL32.dll!LoadLibraryW] 773904E0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\windows\system32\WININET.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 773905C0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\windows\system32\WININET.dll [KERNEL32.dll!LoadLibraryExW] 77390470 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\windows\system32\WININET.dll [KERNEL32.dll!GetProcAddress] 77390320 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\windows\system32\WININET.dll [KERNEL32.dll!LoadLibraryA] 77390390 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\windows\system32\WININET.dll [KERNEL32.dll!FreeLibrary] 773900F0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\windows\system32\WININET.dll [KERNEL32.dll!GetModuleFileNameW] 773901D0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\windows\system32\WININET.dll [KERNEL32.dll!GetModuleHandleW] 773902B0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\windows\system32\WININET.dll [KERNEL32.dll!GetModuleFileNameA] 77390160 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\windows\system32\WININET.dll [KERNEL32.dll!CreateThread] 773801D0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\windows\system32\WININET.dll [KERNEL32.dll!GetModuleHandleA] 77390240 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[5928] @ C:\windows\system32\kernel32.dll [ntdll.dll!RtlReAllocateHeap] 00260240 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[5928] @ C:\windows\system32\kernel32.dll [ntdll.dll!RtlSizeHeap] 002602B0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[5928] @ C:\windows\system32\kernel32.dll [ntdll.dll!RtlAllocateHeap] 00260320 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[5928] @ C:\windows\system32\kernel32.dll [ntdll.dll!RtlFreeHeap] 00260390 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[5928] @ C:\windows\system32\USER32.dll [ntdll.dll!RtlSizeHeap] 00260A90 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[5928] @ C:\windows\system32\USER32.dll [ntdll.dll!RtlReAllocateHeap] 00260B00 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[5928] @ C:\windows\system32\USER32.dll [ntdll.dll!RtlAllocateHeap] 00260B70 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[5928] @ C:\windows\system32\USER32.dll [ntdll.dll!RtlFreeHeap] 00260BE0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[5928] @ C:\windows\system32\USER32.dll [KERNEL32.dll!GetModuleHandleW] 77390D30 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[5928] @ C:\windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] 77390DA0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[5928] @ C:\windows\system32\USER32.dll [KERNEL32.dll!CreateThread] 00260C50 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[5928] @ C:\windows\system32\USER32.dll [KERNEL32.dll!CreateProcessW] 77390E10 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[5928] @ C:\windows\system32\USER32.dll [KERNEL32.dll!GetModuleFileNameA] 77390E80 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[5928] @ C:\windows\system32\USER32.dll [KERNEL32.dll!GetModuleHandleA] 77390EF0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[5928] @ C:\windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExA] 77390F60 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[5928] @ C:\windows\system32\USER32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 01F30010 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[5928] @ C:\windows\system32\USER32.dll [KERNEL32.dll!FreeLibrary] 01F30080 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[5928] @ C:\windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress] 01F300F0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[5928] @ C:\windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] 01F30160 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[5928] @ C:\windows\system32\USER32.dll [KERNEL32.dll!GetModuleFileNameW] 01F301D0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[5928] @ C:\windows\system32\GDI32.dll [ntdll.dll!RtlAllocateHeap] 00260CC0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[5928] @ C:\windows\system32\GDI32.dll [ntdll.dll!RtlFreeHeap] 00260D30 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[5928] @ C:\windows\system32\GDI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 01F30240 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[5928] @ C:\windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] 01F302B0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[5928] @ C:\windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] 01F30320 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[5928] @ C:\windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] 01F30390 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[5928] @ C:\windows\system32\GDI32.dll [KERNEL32.dll!FreeLibrary] 01F30400 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[5928] @ C:\windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] 01F30470 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[5928] @ C:\windows\system32\GDI32.dll [KERNEL32.dll!GetModuleHandleA] 01F304E0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[5928] @ C:\windows\system32\ADVAPI32.dll [ntdll.dll!RtlFreeHeap] 00260F60 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[5928] @ C:\windows\system32\ADVAPI32.dll [ntdll.dll!RtlAllocateHeap] 773805C0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[5928] @ C:\windows\system32\ADVAPI32.dll [ntdll.dll!RtlReAllocateHeap] 77380630 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[5928] @ C:\windows\system32\ADVAPI32.dll [KERNEL32.dll!VirtualFree] 77380710 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[5928] @ C:\windows\system32\ADVAPI32.dll [KERNEL32.dll!GetModuleFileNameW] 01F307F0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[5928] @ C:\windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] 01F30860 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[5928] @ C:\windows\system32\ADVAPI32.dll [KERNEL32.dll!SetErrorMode] 01F308D0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[5928] @ C:\windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] 01F30940 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[5928] @ C:\windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] 01F309B0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[5928] @ C:\windows\system32\ADVAPI32.dll [KERNEL32.dll!FreeLibrary] 01F30A20 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[5928] @ C:\windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] 01F30A90 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[5928] @ C:\windows\system32\ADVAPI32.dll [KERNEL32.dll!HeapFree] 773808D0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[5928] @ C:\windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExA] 01F30B00 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[5928] @ C:\windows\system32\ADVAPI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 01F30B70 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[5928] @ C:\windows\system32\ADVAPI32.dll [KERNEL32.dll!GetModuleHandleW] 01F30BE0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[5928] @ C:\windows\system32\RPCRT4.dll [ntdll.dll!RtlFreeHeap] 77380A90 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[5928] @ C:\windows\system32\RPCRT4.dll [ntdll.dll!RtlAllocateHeap] 77380B00 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[5928] @ C:\windows\system32\SHELL32.dll [ntdll.dll!RtlFreeHeap] 002800F0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[5928] @ C:\windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] 01F40470 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[5928] @ C:\windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] 01F404E0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[5928] @ C:\windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] 01F40550 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[5928] @ C:\windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateThread] 00280160 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[5928] @ C:\windows\system32\SHLWAPI.dll [KERNEL32.dll!HeapFree] 00280240 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[5928] @ C:\windows\system32\SHLWAPI.dll [KERNEL32.dll!GetModuleFileNameA] 01F405C0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[5928] @ C:\windows\system32\SHLWAPI.dll [KERNEL32.dll!GetModuleFileNameW] 01F40630 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[5928] @ C:\windows\system32\SHLWAPI.dll [KERNEL32.dll!GetModuleHandleW] 01F406A0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[5928] @ C:\windows\system32\SHLWAPI.dll [KERNEL32.dll!GetModuleHandleA] 01F40710 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[5928] @ C:\windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] 01F40780 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[5928] @ C:\windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] 01F407F0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[5928] @ C:\windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] 01F40860 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[5928] @ C:\windows\system32\SHLWAPI.dll [KERNEL32.dll!FreeLibrary] 01F408D0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[5928] @ C:\windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] 01F40940 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[5928] @ C:\windows\system32\SHLWAPI.dll [KERNEL32.dll!SetErrorMode] 01F409B0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[5928] @ C:\windows\system32\SHLWAPI.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 01F40A20 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[5928] @ C:\windows\system32\CRYPT32.dll [ntdll.dll!RtlFreeHeap] 00280A20 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[5928] @ C:\windows\system32\CRYPT32.dll [ntdll.dll!RtlAllocateHeap] 00280A90 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[5928] @ C:\windows\system32\CRYPT32.dll [KERNEL32.dll!HeapFree] 00280BE0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[5928] @ C:\windows\system32\CRYPT32.dll [KERNEL32.dll!GetModuleHandleW] 01F50940 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[5928] @ C:\windows\system32\CRYPT32.dll [KERNEL32.dll!VirtualAlloc] 00280C50 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[5928] @ C:\windows\system32\CRYPT32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 01F509B0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[5928] @ C:\windows\system32\CRYPT32.dll [KERNEL32.dll!GetModuleFileNameW] 01F50A20 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[5928] @ C:\windows\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] 01F50A90 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[5928] @ C:\windows\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExA] 01F50B00 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[5928] @ C:\windows\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryA] 01F50B70 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[5928] @ C:\windows\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] 01F50BE0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[5928] @ C:\windows\system32\CRYPT32.dll [KERNEL32.dll!FreeLibrary] 01F50C50 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[5928] @ C:\windows\system32\ole32.dll [ntdll.dll!RtlFreeHeap] 003A0630 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[5928] @ C:\windows\system32\ole32.dll [ntdll.dll!RtlAllocateHeap] 003A06A0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[5928] @ C:\windows\system32\ole32.dll [ntdll.dll!RtlReAllocateHeap] 003A0710 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[5928] @ C:\windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] 01F80390 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[5928] @ C:\windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] 01F80400 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[5928] @ C:\windows\system32\NETAPI32.dll [ntdll.dll!RtlAllocateHeap] 77380010 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[5928] @ C:\windows\system32\NETAPI32.dll [ntdll.dll!RtlFreeHeap] 77380080 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[5928] @ C:\windows\system32\WS2_32.dll [ntdll.dll!RtlFreeHeap] 77380080 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[5928] @ C:\windows\system32\WS2_32.dll [ntdll.dll!RtlAllocateHeap] 77380010 ---- Devices - GMER 1.0.15 ---- AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (Aparat wykonawczy struktury sterowników trybu jądra/Microsoft Corporation) AttachedDevice \Driver\kbdclass \Device\KeyboardClass1 Wdf01000.sys (Aparat wykonawczy struktury sterowników trybu jądra/Microsoft Corporation) Device \Driver\ACPI_HAL \Device\00000050 halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) AttachedDevice \Driver\tdx \Device\Tcp kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO) AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation) AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 rdyboost.sys (ReadyBoost Driver/Microsoft Corporation) AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation) AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 rdyboost.sys (ReadyBoost Driver/Microsoft Corporation) AttachedDevice \Driver\volmgr \Device\HarddiskVolume3 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation) AttachedDevice \Driver\volmgr \Device\HarddiskVolume3 rdyboost.sys (ReadyBoost Driver/Microsoft Corporation) AttachedDevice \Driver\volmgr \Device\HarddiskVolume4 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation) AttachedDevice \Driver\volmgr \Device\HarddiskVolume4 rdyboost.sys (ReadyBoost Driver/Microsoft Corporation) ---- Registry - GMER 1.0.15 ---- Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\0026b654f6e1 Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\0026b6d99db8 Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\0026b6d99db8@0021aa8464a3 0x30 0x7A 0xBB 0x1B ... Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\0c6076fedcf2 Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\0c6076fedd81 Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\0026b654f6e1 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\0026b6d99db8 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\0026b6d99db8@0021aa8464a3 0x30 0x7A 0xBB 0x1B ... Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\0c6076fedcf2 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\0c6076fedd81 (not active ControlSet) ---- EOF - GMER 1.0.15 ----